Researchers at Microsoft Corp. have blown the lid off a large-scale, typo-squatting scheme that uses multi-layer URL redirection to game Google"s AdSense for domains program. The scheme was uncovered when Redmond lab rats decided to extend its HoneyMonkey exploit detection system, a project that runs automatic and systematic Web scans to investigate the seedier side of the Internet.
With the new Strider Typo-Patrol System, the Microsoft Research Systems Management Research Group was able to track down a ring of typo-squatters registering misspelled domain names and generating traffic to serve advertising from Google. Using five programmatic typo-generation models, the researchers pinpointed a series of domain-registration structures being used by "major typo-squatters" to steal traffic from some of the biggest Internet brands, including Amazon.com, Expedia.com and Mapquest.com.